CWE-1333

High likelihood

Inefficient Regular Expression Complexity

Parent: CWE-407 - Inefficient Algorithmic Complexity

The product uses a regular expression with a worst-case computational complexity that is inefficient and possibly exponential.

426 vulnerabilities with CWE-1333
CVE-2021-3807 HIGH
ansi-regex - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-3804 HIGH
taro < 3.3.9 - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-3803 HIGH
nth-check - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-3795 HIGH
semver-regex - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-3801 MEDIUM
prismjs/prism < 1.25.0 - Inefficient Regular Expression Complexity
CVSS 6.5
CVE-2021-3794 HIGH
vuelidate - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-3777 HIGH
nodejs-tmpl - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-3749 HIGH
axios <0.21.2 - Denial of Service via Inefficient Regular Expression
CVSS 7.5
CVE-2021-3649 HIGH
chatwoot < 1.18.0 - Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-33502 HIGH
normalize-url <4.5.1, <5.3.1, <6.0.1 - DoS
CVSS 7.5
CVE-2021-23364 MEDIUM
browserslist 4.0.0-4.16.5 - Regular Expression Denial of Service
CVSS 5.3
CVE-2021-23382 MEDIUM
postcss < 7.0.36 and 8.0.0-8.2.13 - Regular Expression Denial of Service via getAnnotationURL() and loadAnnotation()
CVSS 5.3
CVE-2021-23362 MEDIUM
hosted-git-info < 2.8.9 - Regular Expression Denial of Service via shortcutMatch
CVSS 5.3
CVE-2021-25292 MEDIUM
Pillow < 8.1.1 - Denial of Service via PDF Parser Regex Backtracking
CVSS 6.5
CVE-2021-27291 HIGH
Pygments 1.1-2.7.3 - Denial of Service via Inefficient Regular Expression Complexity
CVSS 7.5
CVE-2021-28092 HIGH
is-svg 2.1.0-4.2.1 - Regular Expression Denial of Service
CVSS 7.5
CVE-2021-23354 MEDIUM
adaltas printf < 0.6.1 - Regular Expression Denial of Service via lib/printf.js Regex
CVSS 5.3
CVE-2021-26813 HIGH
markdown2 >=1.0.1.18 <2.4.0 - Denial of Service via Inefficient Regular Expression
CVSS 7.5
CVE-2021-21317 MEDIUM
uap-core < 0.11.0 - Regular Expression Denial of Service via User-Agent Header
CVSS 5.3
CVE-2020-26311 HIGH
useragent - Regular Expression Denial of Service via Inefficient Regex
CVSS 7.5
CVE-2020-26310 HIGH
Pure-JavaScript-HTML5-Parser - Regular Expression Denial of Service
CVE-2020-26309 HIGH
nope-validator < 0.12.1 - Regular Expression Denial of Service
CVE-2020-26308 HIGH
validate.js < 0.13.1 - Regular Expression Denial of Service
CVSS 7.5
CVE-2020-26307 HIGH
kates html2markdown < 1.0.2 - Regular Expression Denial of Service
CVE-2020-26306 HIGH
Knwl.js <= 1.0.2 - Denial of Service via Inefficient Regular Expression
Details
Vulnerabilities 426
Exploit Likelihood High
Links
MITRE CWE Entry Search this CWE With Exploits